CVE-2019-17634

Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a cross site scripting (XSS) vulnerability when generating an HTML report from a malicious heap dump. The user must chose todownload, open the malicious heap dump and generate an HTML report for the problem to occur. The heap dump could be specially crafted, or could come from a crafted application or from an application processing malicious data. The vulnerability is present whena report is generated and opened from the Memory Analyzer graphical user interface, or when a report generated in batch mode is then opened in Memory Analyzer or by a web browser. The vulnerability could possibly allow code execution on the local system whenthe report is opened in Memory Analyzer.

CVSS v3 9.0 CRITICAL
CVSS v2.0 8.5 HIGH

9.0^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 2.3 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

8.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:M/Au:S/C:C/I:C/A:C

Exploitability : 6.8 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://bugs.eclipse.org/bugs/show_bug.cgi?id=552542	Exploit Issue Tracking Vendor Advisory
https://bugs.eclipse.org/bugs/show_bug.cgi?id=552542	Exploit Issue Tracking Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:eclipse:memory_analyzer:*:*:*:*:*:*:*:*

History

21 Nov 2024, 04:32

Type	Values Removed	Values Added
References	~~() https://bugs.eclipse.org/bugs/show_bug.cgi?id=552542 - Exploit, Issue Tracking, Vendor Advisory~~	() https://bugs.eclipse.org/bugs/show_bug.cgi?id=552542 - Exploit, Issue Tracking, Vendor Advisory

Information

Published : 2020-01-17 19:15

Updated : 2024-11-21 04:32

NVD link : CVE-2019-17634

Mitre link : CVE-2019-17634

CVE.ORG link : CVE-2019-17634

JSON object : View

Products Affected

eclipse

memory_analyzer

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2019-17634", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 8.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.0, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 2.3}]}, "published": "2020-01-17T19:15:11.870", "references": [{"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=552542", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "source": "emo@eclipse.org"}, {"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=552542", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "emo@eclipse.org", "description": [{"lang": "en", "value": "CWE-79"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a cross site scripting (XSS) vulnerability when generating an HTML report from a malicious heap dump. The user must chose todownload, open the malicious heap dump and generate an HTML report for the problem to occur. The heap dump could be specially crafted, or could come from a crafted application or from an application processing malicious data. The vulnerability is present whena report is generated and opened from the Memory Analyzer graphical user interface, or when a report generated in batch mode is then opened in Memory Analyzer or by a web browser. The vulnerability could possibly allow code execution on the local system whenthe report is opened in Memory Analyzer."}, {"lang": "es", "value": "Eclipse Memory Analyzer versi\u00f3n 1.9.1 y versiones anteriores est\u00e1 sujeto a una vulnerabilidad de cross site scripting (XSS) al generar un informe HTML a partir de un volcado de almacenamiento din\u00e1mico malintencionado. El usuario debe elegir descargar, abrir el volcado de almacenamiento din\u00e1mico malintencionado y generar un informe HTML para que se produzca el problema. El volcado de mont\u00f3n podr\u00eda ser especialmente dise\u00f1ado, o podr\u00eda provenir de una aplicaci\u00f3n dise\u00f1ada o de una aplicaci\u00f3n que procesa datos malintencionados. La vulnerabilidad est\u00e1 presente cuando se genera y abre un informe desde la interfaz gr\u00e1fica de usuario del Analizador de memoria, o cuando se abre un informe generado en modo por lotes en el Analizador de memoria o por un explorador web. La vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n de c\u00f3digo en el sistema local cuando se abre el informe en el Analizador de memoria."}], "lastModified": "2024-11-21T04:32:40.360", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:eclipse:memory_analyzer:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6550331-1E8F-4C06-8611-F8AD6F2889CB", "versionEndIncluding": "1.9.1"}], "operator": "OR"}]}], "sourceIdentifier": "emo@eclipse.org"}